Support Chat Completions wire format for custom OpenAI-compatible providers #21158
Description
Problem
The codex runtime exclusively uses the OpenAI Responses API (/v1/responses) wire format. Custom OpenAI-compatible model serving platforms — such as Databricks Model Serving, vLLM, LiteLLM, and others — typically only implement the Chat Completions API (/v1/chat/completions).
This makes the new inline engine definition with custom providers (from #20416 / #20473) non-functional for these platforms: the OAuth token exchange and provider configuration work correctly at the compiler level, but the codex runtime sends requests in a format the endpoint cannot serve.
Evidence from a real workflow run
Using the inline engine definition with oauth-client-credentials against a custom OpenAI-compatible endpoint:
1. OAuth token exchange succeeds
The compiler correctly obtains a token and populates OPENAI_API_KEY:
✅ OPENAI_API_KEY: Configured (using as fallback for CODEX_API_KEY)
2. Model name is ignored — codex resolves to its default
Despite GH_AW_MODEL_AGENT_CODEX being set to the custom model name, codex CLI resolves to its hardcoded default:
GH_AW_MODEL_AGENT_CODEX: <custom-model-name>
But the session init log shows:
DEBUG session_init: codex_core::codex: Configuring session:
model=gpt-5.3-codex;
provider=ModelProviderInfo {
name: "OpenAI",
base_url: Some("http://172.30.0.30:10000/v1"),
wire_api: Responses,
...
}
The custom model name was replaced with gpt-5.3-codex, and wire_api is hardcoded to Responses.
3. Codex sends POST to /v1/responses — endpoint rejects it
TRACE: codex_client::transport: POST to http://172.30.0.30:10000/v1/responses
{"model":"gpt-5.3-codex", ...}
The API proxy forwards this to the custom endpoint, which only serves /v1/chat/completions. The request fails silently:
[WARN] Command completed with exit code: 1
Process exiting with code: 1
4. Agent produces no output
OUTPUT_TYPES: (empty)
HAS_PATCH: false
Detection skipped: no agent outputs or patches to analyze
Root cause
There are two independent issues:
-
Wire format mismatch: The codex runtime hardcodes
wire_api: Responses. Custom providers using Chat Completions cannot serve/v1/responsesrequests. Therequest.path-templatefield from Phase 4: Add AuthDefinition and RequestShape for provider-owned auth and request shaping #20473 only rewrites the URL path — it does not translate the request/response body format. -
Model name override ignored: The
provider.modelfield from the frontmatter is passed asGH_AW_MODEL_AGENT_CODEXbut codex CLI does not honor it, falling back togpt-5.3-codex. This means even if the wire format were compatible, the wrong model would be requested.
Proposal
Add a request.wire-format field (or equivalent) to the inline engine definition that controls which wire protocol the runtime uses:
engine:
runtime:
id: codex
provider:
id: my-provider
model: my-custom-model
request:
wire-format: chat-completions # "responses" (default) | "chat-completions"
auth:
strategy: oauth-client-credentials
token-url: https://example.com/oidc/v1/token
client-id: MY_CLIENT_ID
client-secret: MY_CLIENT_SECRETWhen wire-format: chat-completions is set, the runtime should:
- Send requests to
/v1/chat/completionsinstead of/v1/responses - Translate the request body to Chat Completions format
- Parse the Chat Completions response back into the internal format
- Honor the
provider.modelfield in API requests
Alternatively, the API proxy layer (172.30.0.30:10000) could perform this translation transparently when the engine definition declares chat-completions wire format.
Impact
This blocks adoption of GitHub Agentic Workflows for any organization that mandates use of self-hosted or third-party OpenAI-compatible inference platforms. The engine enhancement architecture from #20416 already supports custom providers and auth — wire format is the last missing piece.
Versions
- gh-aw: v0.58.0
- codex CLI: v0.114.0
- API proxy: gh-aw-firewall v0.23.0
Related
- GitHub Agentic Workflow Engine Enhancement Proposal #20416 — Engine Enhancement Proposal (introduced provider/runtime separation)
- Phase 4: Add AuthDefinition and RequestShape for provider-owned auth and request shaping #20473 — Phase 4: Auth & Request Shaping (merged 2026-03-11)